URL:
<https://savannah.gnu.org/bugs/?55511>
Summary: Prevent Panic causing Panic, and children removing
sockets
Project: GNU Screen
Submitted by: sshambar
Submitted on: Fri 18 Jan 2019 06:41:51 PM UTC
Category: Program Logic
Severity: 3 - Normal
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Release: 4.6.2
Fixed Release: None
Planned Release: None
Work Required: None
_______________________________________________________
Details:
While tracking down another screen bug, I noticed that I wasn't getting Panic
messages from child processes, and my screen socket kept disappearing.
This is all related to suid root screen (tested on OSX, but probably applies
to other suid ports).
The problem is that in several places forked child processes call setuid, but
don't set eff_uid to the new uid. Any child Panic will call SendErrorMsg,
which will create a child socket, which calls xseteuid(eff_uid=0) after the
socket is created -- and that leads to another Panic.
This prevented the error from being sent.
In addition, since ServerSocket is still valid, when the child Panic calls
eexit(), it removes the socket file.
I've created a patch that fixes both of these bugs (and fixes a leaked file
descriptor or fork fails, which probably doesn't happen often :)
Patch is attached.
_______________________________________________________
File Attachments:
-------------------------------------------------------
Date: Fri 18 Jan 2019 06:41:51 PM UTC Name:
Prevent-Panic-causing-Panic-and-children-removing-sockets.diff Size: 4KiB
By: sshambar
<http://savannah.gnu.org/bugs/download.php?file_id=46014>
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?55511>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
